Gigabyte’s Firmware AutoUpdate Feature Is Rather Insecure

Source: Ars Technica

The Feature Is Invisible To You, But Not To Hackers

Gigabyte had good intentions when it designed a motherboard feature that calls home on every reboot to check for new firmware that can be installed automatically, without the user needing to do anything. From the Ars Technica article, it seems this is not so much a BIOS update as firmware for the various features your motherboard offers, be it audio or networking. We are not big fans of computers silently phoning home, and while Gigabyte meant well, they should have included a way to disable it for users who don’t want their computer updating without their intervention.

However, there is a big problem with Gigabyte’s firmware autoupdate: it is laughably insecure and is being used to load software onto unsuspecting people’s computers. Researchers at Eclypsium discovered that the invisible updater downloads code without properly authenticating it, and even does so over HTTP! That gives attackers a huge attack surface, as they could dump just about any code onto a machine, with the user none the wiser.

Even worse, it is unlikely this can be fixed with an update, which leaves millions of Gigabyte motherboard owners susceptible to attack until their next motherboard upgrade.

Whenever a computer with the affected Gigabyte motherboard restarts, Eclypsium found, code within the motherboard’s firmware invisibly initiates an updater program that runs on the computer and in turn downloads and executes another piece of software.
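The flaw described above is an updater that runs whatever it downloads. As an added example (not code from Gigabyte, Eclypsium or the article), the following shows the check such an updater should make before executing a payload: refuse non-HTTPS sources and verify an RSA PKCS#1 v1.5 signature with a built-in public key. The key, URL and payload are constructed for the demo, and the Mersenne-prime key is insecure and exists only to keep the example self-contained.

```python
import hashlib
import hmac
from urllib.parse import urlsplit

# Constructed demo key: two Mersenne primes give a valid but INSECURE RSA modulus.
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537                  # public key, the part an updater would embed
D = pow(E, -1, (P - 1) * (Q - 1))    # private exponent, vendor build system only
K = (N.bit_length() + 7) // 8        # modulus length in bytes

# DER DigestInfo prefix for SHA-256 (RFC 8017, section 9.2)
SHA256_PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")

def _encode(payload: bytes) -> bytes:
    """EMSA-PKCS1-v1_5 encoding of SHA-256(payload), exactly K bytes."""
    t = SHA256_PREFIX + hashlib.sha256(payload).digest()
    return b"\x00\x01" + b"\xff" * (K - len(t) - 3) + b"\x00" + t

def sign(payload: bytes) -> bytes:
    """Vendor side: sign a release image with the private key."""
    return pow(int.from_bytes(_encode(payload), "big"), D, N).to_bytes(K, "big")

def signature_ok(payload: bytes, sig: bytes) -> bool:
    """Client side: verify using only the public key (N, E)."""
    if len(sig) != K:
        return False
    s = int.from_bytes(sig, "big")
    if s >= N:
        return False
    expected = _encode(payload)
    return hmac.compare_digest(pow(s, E, N).to_bytes(K, "big"), expected)

def may_execute(url: str, payload: bytes, sig) -> bool:
    """Gate a downloaded payload: HTTPS source and a valid signature, or nothing runs."""
    if urlsplit(url).scheme != "https":
        return False          # plain HTTP lets anyone on the path swap the payload
    if not sig:
        return False          # unsigned payloads are never executed
    return signature_ok(payload, sig)

if __name__ == "__main__":
    image = b"constructed firmware component v1"     # sample payload
    sig = sign(image)
    url = "https://updates.example.invalid/fw.bin"   # placeholder URL
    print("signed, https:", may_execute(url, image, sig))
    print("tampered     :", may_execute(url, image + b"!", sig))
    print("plain http   :", may_execute(url.replace("https", "http"), image, sig))
```

The signature check is what authenticates the code; HTTPS only protects the transfer, so a payload that fails either test is discarded.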


About The Author

Jeremy Hellstrom

Call it K7M.com, AMDMB.com, or PC Perspective, Jeremy has been hanging out and then working with the gang here for years. Apart from the front page you might find him on the BOINC Forums or possibly the Fraggin' Frogs if he has the time.

1 Comment

  1. 2222

    Is that the Gigabyte Control Center they are referring to? – Because when I saw that thing pop up on first boot it 200% creeped me out. But it can be disabled in UEFI.
